[Pdns-users] PowerDNS Slave with DNSSEC and subdomain
benjamin.rechsteiner at abacus.ch
Wed Feb 16 16:48:08 UTC 2022
we use PowerDNS in a Master/Slave (Supermaster) setup with Postgresql
backend and sync the zones with AXFR.
We have two zones on the master (foobar.ch and dev.foobar.ch) now we
want to enable DNSSEC. This also works including AXFR to the slave
However, we get the following error message on the slave server (4.5.3)
[Warning] 'dev.foobar.ch|RRSIG' in zone 'foobar.ch' is occluded by a
delegation at 'dev.foobar.ch' [Error] Following record is auth=1, run
pdnsutil rectify-zone?: dev.foobar.ch IN RRSIG DS 13 3 3600
20220224000000 20220203000000 52845 foobar.ch
Checked 16 records of 'foobar.ch', 1 errors, 1 warnings.
does anyone have an idea how we can solve the problem?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the Pdns-users